Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZkiCUgQNDUsOxgSoKNIToSOlGd8.roa
File: ZkiCUgQNDUsOxgSoKNIToSOlGd8.roa (raw, json)
Hash identifier: +5M3gdI95rqcr2iSHaV6KbrFUbUstunkWY3+Tdvb/Aw=
Subject key identifier: 66:48:82:52:04:0D:0D:4B:0E:C6:04:A8:28:D2:13:A1:23:A5:19:DF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01865555360A9A193A4AEA6383EFD1CF4411
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZkiCUgQNDUsOxgSoKNIToSOlGd8.roa
Signing time: Wed 15 Feb 2023 13:48:13 +0000
ROA not before: Wed 15 Feb 2023 13:48:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a0a:2d00:1::/48 maxlen: 48
2a09:17c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:55:36:0a:9a:19:3a:4a:ea:63:83:ef:d1:cf:44:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 15 13:48:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66488252040d0d4b0ec604a828d213a123a519df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d2:51:7c:8a:27:eb:a4:00:02:b1:48:f9:8b:
67:d1:ee:d6:57:65:3e:f7:15:9d:8d:c1:c8:0a:4c:
4e:3a:e5:7f:ee:5e:59:c0:03:06:76:aa:43:b7:c7:
9e:33:6a:00:e7:c9:ed:6e:0e:85:06:b9:e4:36:5f:
f8:b3:b0:9e:e2:a8:1e:79:c2:15:90:11:79:9b:ff:
33:96:3f:33:0d:ed:e9:a1:43:db:4b:a4:1e:0b:af:
8b:38:e0:df:f0:45:98:cf:c6:08:9b:1f:b4:dc:e8:
db:6b:6a:b9:3c:1c:5a:30:3a:f1:a3:4a:33:4b:ad:
83:18:ba:10:d8:5d:e6:d7:97:6d:fc:73:f3:28:c0:
d0:47:30:da:c2:32:63:dc:bd:45:54:c7:27:08:74:
4c:92:18:4c:d2:e8:7e:25:3f:c0:f7:8b:4f:b3:fc:
72:9d:e1:e5:98:91:38:89:ee:53:55:eb:ef:a6:00:
4c:b7:14:4d:37:80:8f:23:49:ae:e5:b8:16:78:7c:
19:77:0a:6c:ea:c0:e4:84:1a:e7:9f:43:d1:ad:a5:
e8:05:ec:dc:d8:aa:e8:2c:bf:cf:fd:49:46:48:7c:
9a:ef:7f:f4:94:f6:6a:a0:82:e9:e4:bc:b4:34:14:
04:ea:ac:c3:7b:46:93:be:83:2f:bb:d1:ca:de:be:
5c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:48:82:52:04:0D:0D:4B:0E:C6:04:A8:28:D2:13:A1:23:A5:19:DF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZkiCUgQNDUsOxgSoKNIToSOlGd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0::/29
2a0a:2d00:1::/48
2a0e:15c1::/32
2a0f:7d00:1::/48
2a12:d6c1::/32
Signature Algorithm: sha256WithRSAEncryption
b8:b0:3e:f0:53:bd:68:b5:e8:59:e4:99:75:28:90:47:47:87:
2d:b5:5d:83:20:ce:e3:23:0e:9b:20:fd:70:56:76:d2:b3:18:
8b:4b:81:a1:28:78:46:ea:e6:1c:6d:9f:9b:9d:94:96:db:c4:
79:02:2d:81:4d:99:c9:8a:32:e7:ec:6f:06:b7:1e:7a:21:0e:
f4:cb:5b:d7:ec:55:e8:5f:ba:97:53:8c:68:88:8b:b1:88:69:
01:b4:63:96:7b:ac:6a:28:ba:b7:aa:64:d0:3b:46:79:27:3d:
ac:df:01:7f:69:6d:ec:a7:75:f9:93:d5:df:af:e6:3e:06:71:
f1:32:9a:a3:b1:78:1d:8f:73:6f:6d:2f:03:1d:0d:5d:f3:af:
05:a3:27:e4:81:a9:29:49:0f:12:c2:f0:e2:a4:d1:b8:30:c9:
a8:f3:ac:a6:f4:cf:8c:00:76:5e:27:d2:6e:c5:aa:9d:f2:ab:
e9:b9:78:d9:6f:45:7c:1e:a2:94:04:68:51:77:ca:1b:c9:5f:
74:60:82:41:4a:66:0f:c4:25:bd:2d:b5:d7:86:2e:7f:05:5f:
de:ab:37:65:b6:51:39:f8:92:88:af:6f:2a:e5:f3:eb:cf:a3:
00:41:0f:37:6b:66:42:a2:ba:cc:65:f0:aa:e5:f9:94:e6:b7:
c2:09:7d:e8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZVVTYKmhk6Supjg+/Rz0QRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjE1MTM0ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjQ4ODI1MjA0MGQwZDRiMGVjNjA0YTgyOGQyMTNhMTIzYTUxOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtJRfIon66QAArFI+Ytn0e7WV2U+
9xWdjcHICkxOOuV/7l5ZwAMGdqpDt8eeM2oA58ntbg6FBrnkNl/4s7Ce4qgeecIV
kBF5m/8zlj8zDe3poUPbS6QeC6+LOODf8EWYz8YImx+03Ojba2q5PBxaMDrxo0oz
S62DGLoQ2F3m15dt/HPzKMDQRzDawjJj3L1FVMcnCHRMkhhM0uh+JT/A94tPs/xy
neHlmJE4ie5TVevvpgBMtxRNN4CPI0mu5bgWeHwZdwps6sDkhBrnn0PRraXoBezc
2KroLL/P/UlGSHya73/0lPZqoILp5Ly0NBQE6qzDe0aTvoMvu9HK3r5cRQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGZIglIEDQ1LDsYEqCjSE6EjpRnfMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWmtpQ1VnUU5EVXNPeGdTb0tOSVRvU09sR2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAAjAnAwUDKgkXwAMH
ACoKLQAAAQMFACoOFcEDBwAqD30AAAEDBQAqEtbBMA0GCSqGSIb3DQEBCwUAA4IB
AQC4sD7wU71otehZ5Jl1KJBHR4cttV2DIM7jIw6bIP1wVnbSsxiLS4GhKHhG6uYc
bZ+bnZSW28R5Ai2BTZnJijLn7G8Gtx56IQ70y1vX7FXoX7qXU4xoiIuxiGkBtGOW
e6xqKLq3qmTQO0Z5Jz2s3wF/aW3sp3X5k9Xfr+Y+BnHxMpqjsXgdj3NvbS8DHQ1d
868FoyfkgakpSQ8SwvDipNG4MMmo86ym9M+MAHZeJ9Juxaqd8qvpuXjZb0V8HqKU
BGhRd8obyV90YIJBSmYPxCW9LbXXhi5/BV/eqzdltlE5+JKIr28q5fPrz6MAQQ83
a2ZCorrMZfCq5fmU5rfCCX3o
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:51 2025 by rpki-client